A brief guide to using SSH
SSH (Secure SHell) is a way to connect your computer to another computer or server. You can use this if you have a web project you want to host on a server you own, or if you have a Linux device you need to transfer files to such as a smart-home product or a Raspberry Pi. This guide will cover ways to connect to a Linux server from Mac or Linux and will cover generating your own SSH keys. It assumes basic knowledge of the Bash command line but feel free to read the manual for every command mentioned here, such as man ssh-keygen.
To access a server quickly
ssh <user>@<IP>
To transfer a file to the server's Home directory, use 'scp' (Secure CoPy)
scp <file> <user>@<IP>:~
To transfer all files in the current local folder to 'Documents' in server's Home use a glob
scp * <user>@<IP>:~/Documents
The setup is assumed to be:
- A development computer you have admin/root access to, connected to a local network by router, with OpenSSH
- A server or device you have admin/root access to, connected to the same network or the internet, with OpenSSH
To tell if your device has the OpenSSH bundle installed, try viewing the manual page
man ssh
Find out the IP of your server. If you physically set it up on your home network you can find this out by accessing the configuration page of your router, often by browsing to a URL or IP address from a device connected to the router. Or if you have direct local access to the server then a command will show its IP
hostname -I
There are two main ways to use SSH. For speed or infrequent use, the ssh command can be run with no options and just the server details as the argument. This will require the system password for the server to be entered, much like logging in to a machine locally as a user. It will also prompt you to type "y" to add the server details to a file '~/.ssh/known_hosts'. The folder '.ssh/' will be created in your home directory if it did not already exist.
ssh <user>@<IP>
Note that if your server has a hostname associated with it then that can be used instead of the IP address.
ssh <user>@<hostname>
If the server's settings change in the future because, for example, your device moved on your wireless network and was assigned a new IP, then you may get a scary warning when you try to connect again, because the details recorded in 'known_hosts' no longer match what the server presents. Ignore it and manually edit 'known_hosts' as the warning suggests.
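The first-connection prompt and the warning described above both come from comparing the key the server presents with the entries in 'known_hosts'. As an added example (not part of the original guide), this Python reproduces that comparison and the SHA256 fingerprint ssh prints, so the fingerprint can be compared with the server's own before an old entry is edited out. The keys, addresses and salt are constructed sample data, and only plain and hashed host names are handled (no wildcards or [host]:port entries).

```python
import base64, hashlib, hmac, struct

def key_blob(key_type, raw):
    """Constructed sample data: SSH wire-format public key (length-prefixed fields), base64."""
    parts = (key_type.encode(), raw)
    return base64.b64encode(b"".join(struct.pack(">I", len(p)) + p for p in parts)).decode()

def fingerprint(blob_b64):
    """SHA256 fingerprint in the form ssh prints when it asks whether to trust a host."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def hashed_name(host, salt):
    """Hashed host field (HashKnownHosts): |1|salt|HMAC-SHA1(salt, host)."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def host_matches(field, host):
    """True if host is named in a known_hosts host field, plain or hashed."""
    def one(name):
        if name.startswith("|1|"):
            return name == hashed_name(host, base64.b64decode(name.split("|")[2]))
        return name == host
    return any(one(n) for n in field.split(","))

def check_host(known_hosts, host, key_type, presented_b64):
    """Return 'match', 'changed' (same host and key type, different key) or 'unknown'."""
    status = "unknown"
    for line in known_hosts.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0].startswith(("#", "@")):
            continue  # blank lines, comments, @cert-authority/@revoked markers
        if host_matches(fields[0], host) and fields[1] == key_type:
            if fields[2] == presented_b64:
                return "match"
            status = "changed"  # this is the case that triggers the warning
    return status

# Constructed sample keys and known_hosts content (not real hosts or keys).
OLD_KEY = key_blob("ssh-ed25519", bytes(range(32)))
NEW_KEY = key_blob("ssh-ed25519", bytes(range(32, 64)))
KNOWN_HOSTS = "\n".join([
    "192.0.2.10,pi.example ssh-ed25519 " + OLD_KEY,
    hashed_name("192.0.2.20", b"constructed-salt-20b") + " ssh-ed25519 " + OLD_KEY,
])

if __name__ == "__main__":
    for host, key in [("192.0.2.10", OLD_KEY), ("192.0.2.20", NEW_KEY), ("192.0.2.30", NEW_KEY)]:
        print(host, fingerprint(key), check_host(KNOWN_HOSTS, host, "ssh-ed25519", key))
```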
To transfer a file to the server's Home directory, use 'scp' (Secure CoPy)
scp <file> <user>@<IP>:~
To transfer all files in the current local folder to 'Documents' in server's Home use a glob
scp * <user>@<IP>:~/Documents
Another way to use SSH is to generate a pair of secure keys: a public key stored on the server, which acts like a lock, and a private key stored on your connecting machine. These allow the machines to recognise each other automatically without a password and keep a connection open. Much like real locks and keys, a public key may be publicly visible since it is not usable without its counterpart; a private key, however, should not be shared with anyone and should only be associated with one machine. If a private key is lost then it should be discarded and a new one generated. Public keys are text files with the extension ".pub"; private keys do not need an extension.
To specify a private key file name, its location and use the default encryption method
ssh-keygen -f ~/.ssh/<keyname>
Or to follow some prompts use the following and press return to skip entering a passphrase
ssh-keygen
Copy the public key to the server (yes, passing the private key's file name; ssh-copy-id uses the matching ".pub" file) and enter the password
ssh-copy-id -i ~/.ssh/<priv-key> <user>@<host>
You can now delete the public key from your development machine.
It is now possible to use the private key to connect to the server using the -i option
ssh -i ~/.ssh/<priv-key> <user>@<host>
Optionally, it is possible to make your local machine automatically associate the server with the corresponding private key
Add the private key to an authentication agent (ssh-agent)
ssh-add <priv-key>
In the folder '~/.ssh' create a file 'config' and add a shortname to it
nano ~/.ssh/config
A template configuration file from
Host <shortname>
    HostName <IP>
    # IdentityFile takes the private key, not the .pub file
    IdentityFile ~/.ssh/<priv-key>
    User <username>
Now you can SSH in with
ssh <shortname>
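As an added example (not part of the original guide), this Python checks the 'config' entries set up above: each IdentityFile should name the private key rather than the ".pub" file, and the key file should be readable only by its owner, since ssh refuses private keys that other users can read. The shortnames and key file names are constructed, and the files are created in a temporary directory.

```python
import os, stat, tempfile

def parse_config(text):
    """Parse an ssh client config into {shortname: {keyword: value}}."""
    hosts, current = {}, []
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "host":
            current = [hosts.setdefault(name, {}) for name in value.split()]
        else:
            for block in current:
                block.setdefault(key, value)  # keep the first value seen
    return hosts

def audit(hosts, home):
    """Return (shortname, problem) pairs for IdentityFile entries that need fixing."""
    problems = []
    for name, path in [(n, o["identityfile"]) for n, o in hosts.items() if "identityfile" in o]:
        full = os.path.join(home, path[2:]) if path.startswith("~/") else path
        if path.endswith(".pub"):
            problems.append((name, "IdentityFile names a public key"))
        elif not os.path.isfile(full):
            problems.append((name, "private key file not found"))
        elif stat.S_IMODE(os.stat(full).st_mode) & 0o077:
            problems.append((name, "private key readable by group or others"))
    return problems

def demo():
    """Build a throwaway home directory with constructed keys and config, then audit it."""
    config = """
Host pi
    IdentityFile ~/.ssh/pi_key
Host nas
    IdentityFile ~/.ssh/nas_key
Host web
    IdentityFile ~/.ssh/web_key.pub
"""
    with tempfile.TemporaryDirectory() as home:
        os.mkdir(os.path.join(home, ".ssh"))
        for name, mode in (("pi_key", 0o600), ("nas_key", 0o644)):
            path = os.path.join(home, ".ssh", name)
            open(path, "w").close()
            os.chmod(path, mode)
        return audit(parse_config(config), home)

if __name__ == "__main__":
    print(demo())
```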
Configuring a shortname makes using the above commands easier. Instead of transferring a file the long way
scp -i ~/.ssh/<priv-key> <file> <user>@<host>:~
You can use the short way
scp <file> <shortname>:~
Unsure what to do after getting in?
To print the current working directory
pwd
To list files and directories in the current directory
ls
To edit a text file
nano <file>
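ssh-add -l # list the keys loaded in the agent
ls ~/.ssh # list your key and configuration files
less ~/.ssh/config # view your configured shortnames
less ~/.ssh/known_hosts # view the servers whose details you have accepted
less ~/.ssh/authorized_keys # on the server: view the public keys allowed to log in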
Who is logged in
w # or 'who'
When you rent a server (like AWS) you are given an IP, a default username, a password, and a private key. This means you can skip generating the keys and just SSH in.
ssh <user>@<IP>
The prompt will change. Type exit or use ctrl+d to exit back to the shell of your development machine.
You can transfer files to the server in a similar way with the scp command. The "quick" way requires a password every time, but with configuration the command can be shorter and without needing a password.
Copy files with 'scp'. It asks for a password:
scp a.txt <user>@<hostname>:~
The ":" is needed; with nothing after it the file goes to the home folder, though a path can be declared.
If all you want to do is stick files on the server for remote use then that's all you need to know.